Welcome to Technology Short Take #165! Over the last few weeks, I’ve been collecting articles I wanted to share with readers on major areas in technology: networking, security, storage, virtualization, cloud computing, and OSes/applications. This particular Technology Short Take is a tad heavy on cloud computing, but there’s a decent mix of other articles as well. Enjoy!
kube-proxy, I highly recommend this post by Arthur Chiao. There is a ton of information here!
Last year, I blogged about how to use Red Hat Ansible Automation Platform to migrate Azure Arc-enabled servers from Azure Log Analytics Agents (MMA/OMS) to Azure Monitor Agent (AMA). Azure Arc supports a number of other extensions that can add additional value to your Arc-enabled infrastructure. Since my previous article, all of these extensions have been added to the azure.infrastructure_config_demos collection that contains a role for managing Arc-enabled server VM extensions with Ansible.
Each extension offers unique capabilities to your Arc-enabled fleet, such as logging, vulnerability scanning, key vault cert sync, update management, and more. Enabling these extensions is simple for small numbers of machines. When you need to scale out the work of enabling and configuring these extensions across hundreds or thousands of devices, then Ansible Automation Platform can help!
This article covers how to use Ansible Automation Platform to enable VM extensions supported in the azure.infrastructure_config_demos collection. Within the collection, there are a number of playbooks and roles; the following are pertinent to this post.
File or Folder | Description
| Playbook that will be used as a job template to enable Azure Arc extensions.
| Playbook that will be used Continue reading
I’ve been using macOS Stage Manager off and on for a little while now. In Stage Manager, I can see the beginnings of what might be a very useful paradigm for desktop computing. Unfortunately, in its current incarnation, I believe Stage Manager is incomplete.
Note that I haven’t yet tried Stage Manager on my iPad; my comments here apply only to the macOS implementation.
For those of you who haven’t yet tried Stage Manager, here’s a screenshot of my desktop, taken while I was writing this blog post:
I’ll draw your attention to the list of “recently used applications” on the left side of the screen. That’s the “Cast” (a term used by Howard Oakley in his great introductory article on Stage Manager). As you can see in this screenshot, the Cast supports application groups—like having Slack and Mail grouped together—as well as single applications. This allows you to easily switch between groups of applications simply by clicking on the preview in the Cast (which, using Howard’s terminology, moves the application or applications to the Stage).
This is the glimmer of a useful paradigm that I see in Stage Manager: being able to assemble groups of applications that Continue reading
In today’s fast-moving world, schedule-driven, incremental releases may not be what customers are looking for. After gathering input from both external and internal customers, there is a definite appetite for more content-driven releases.
Rather than waiting weeks to get official builds with a bug fix (schedule driven), most would like to have those builds made available within days after the code has been tested and merged (content driven). Beginning with Red Hat Ansible Automation Platform 2.3, this new release mechanism will be the norm. This blog will explain what it means for you and your processes.
From a business perspective, Ansible Automation Platform is the solution Red Hat offers its customers to reach and unleash the full potential of strategic automation.
From a technical perspective, Ansible Automation Platform is an umbrella of many components that provide automation capabilities. Some of these well known components include automation controller, Ansible automation hub, ansible-runner and ansible-core, which also have underlying dependencies.
A parallel can be easily drawn with Red Hat Enterprise Linux, which is the sum of all its components’ capabilities to run a battle tested operating system, just like Ansible Continue reading
Normally, installing a Pulumi provider is pretty easy; you run pulumi up and the provider gets installed automatically. Worst case scenario, you can install the provider using pulumi plugin install. However, when dealing with prerelease providers, sometimes things have to be done manually. Such is the case with the prerelease Pulumi provider for Talos Linux. In this post, I’ll show you what the manual process looks like for installing a prerelease provider.
The GitHub repository for the prerelease Pulumi provider for Talos can be found here. As of this writing, the latest release was v0.1.0-beta.0. Currently, the prerelease provider for Talos Linux can’t be installed automatically when running pulumi up, and pulumi plugin install doesn’t work either.
The manual process for installing this provider looks like this:
~/.pulumi/plugins. Navigate to that directory, and create a subdirectory whose name corresponds to the version of the Talos provider. For example, if the version downloaded is v0.1.0-beta.0, then the name of the new Continue reading
We’re surrounded! Our modern systems and applications are constantly generating events. These events could be generated by service requests, application events, health checks, etc. With the wealth of information from event traffic surrounding everything we do, Event-Driven Ansible allows for automated responses to incoming events.
But not only are we completely engulfed in event data, we’re also enveloped by event sources. Think about your organization or even your household for a minute and consider how many pieces of equipment or applications are generating data that could be put to use if only you were able to easily collect it.
Event source plugins within Event-Driven Ansible act as a bridge between Ansible and event generating applications and services. Event-Driven Ansible already has a handful of event plugins to consume events from a variety of sources. But what if your source plug-in isn’t represented in that list? Or what if you’re a Red Hat partner who wants to connect Event-Driven Ansible to your own solution? The good news is, developing event source plugins for Event-Driven Ansible can be a relatively painless endeavor.
Event-Driven Ansible leverages rulebooks to codify the response to an event. Rulebooks combine Continue reading
Since I switched my primary workstation to an M1-based MacBook Pro (see my review here), I’ve started using temporary AWS EC2 instances for compiling code, building Docker images, etc., instead of using laptop-local VMs. I had an older Mac Pro (running Fedora) here in my home office that formerly filled that role, but I’ve since given that to my son (he’s a young developer who wanted a development workstation). Besides, using EC2 instances has the benefit of access when I’m away from my home office. I use Pulumi to manage these instances, and I extended my Pulumi code to also include managing local Docker contexts for me as well. In this post, I’ll share the solution I’m using.
For those that aren’t already aware, Docker supports SSH-based contexts, which allow you to use the docker CLI over an SSH connection to a remote Docker daemon (including one behind an SSH bastion host). This is the functionality I’m using to do remote Docker image builds on an EC2 instance. I wrote a bit about SSH-based Docker contexts here.
When I run pulumi up to create the infrastructure, the Pulumi code (written in Go) does a few things:
It has been a long term ask and our desire to make Smart Inventory, well, smarter. We’ve listened to feedback, and are now addressing not only direct customer asks but also presenting solutions to make it better overall.
The current Smart Inventory has a number of shortcomings:
All of these issues stem from the original design of Smart Inventory, and the fact that Inventory Django models (Inventory, Group, and Host) save their “variables” in text form as YAML/JSON, as they appear in the UI. We then have to parse these into a dictionary form so they are in some way usable. This introduces new challenges and constraints.
So rather than continuing down a sub-optimal route, we’ve taken stock of the options (there were many and they got Continue reading
On November 29, we launched Red Hat Ansible Automation Platform 2.3, which included new and exciting features including improvements for Configuration as Code (CaC). Ansible Automation Platform 2.3 also includes improvements to automation controller as well as the introduction of Ansible validated content. This blog post will walk you through what CaC is and the benefits it can bring to your organization, including a UI and API walkthrough of automation controller and how to take a full Configuration as Code approach to your automation infrastructure.
CaC is a term generally referring to the separation of configuration settings from the actual code. The ideal being you can store that configuration data in source control, and easily run and tweak it to match different environments.
In Ansible Automation Platform terms, we can use the features within the automation controller in combination with CaC to provide a more flexible, richer experience. Essentially we’ve added ‘Prompt on Launch’ to everything within a job template, many of which will also trickle down into workflows.
‘Prompt on launch’ is our Ansible Automation Platform way of saying ‘this is the Continue reading
Welcome to Technology Short Take #164! I’ve got another collection of links to articles on networking, security, cloud, programming, and career development—hopefully you find something useful!
osquery for behavioral detection of macOS malware was an interesting read.
[This blog post is based on my presentation at AnsibleFest 2022 in Chicago and virtually.]
Recently, a suggestion was made to adopt Tim Peters’ “The Zen of Python” as an overall guiding principle for designing good automation content. That gave me pause because it didn’t seem like the right thing to me. While there is definitely some very good advice to “The Zen of Python” that can be applied to Ansible content, adopting it in its entirety would not provide the best user experience that Ansible is capable of and known for. Its presence as a guiding principle for content design gives the wrong impression and reinforces a mindset we don't want to recommend.
This got me thinking, what is “the zen” of Ansible?
I considered the spirit of “The Zen of Python” and then I returned to the Ansible best practices talk that I first co-presented back in 2016 at Red Hat Summit and later touched upon here in this blog. In that talk, I said that Ansible was designed with a philosophy of sorts from the very beginning.
“The Ansible way” is to provide an automation tool that is simple, powerful and agentless. Ansible enables users with Continue reading
We introduced resource modules in Ansible 2.9, which provided a path for users to ease network management, especially across multiple different product vendors. This announcement was significant because these resource modules added a well structured representation of device configurations and made it easy to manage common network configurations.
At AnsibleFest 2022, we announced a new addition to the content ecosystem offered through the platform: Ansible validated content. Ansible validated content is use cases-focused automation that is packaged as Collections. They contain Ansible plugins, roles and playbooks that you can use as an automation job through Red Hat Ansible Automation Platform.
The Ansible validated content for network base focuses on abstract platform-agnostic network automation and enhances the experience of resource module consumption by providing production-ready content. This network base content acts as the core to the other network validated content, which I will explain more about in the examples below.
The network.base Collection acts as a core for other Ansible validated content, as it provides the platform agnostic role called Resource Manager, which is the platform-agnostic entry point for managing all of the resources supported for a given network OS. It includes the Continue reading
Artificial intelligence (AI) is revolutionizing how we work and play in exciting ways. At first glance, AI tools, such as ChatGPT, seem to provide all the correct answers. But once we delve deeper and implement the suggestions, it often isn’t as effortless as it appears. This is especially true when generating code.
In this blog, we wanted to put ChatGPT to the test and see how it fares with developing Ansible Playbooks and share our results. We’ll also cover the experience and feedback from developers across domains.
We’ll also provide more information on our upcoming automation AI superpower, Project Wisdom.
First, let’s briefly discuss what ChatGPT is and how it works.
“We’ve trained a model called ChatGPT which interacts in a conversational way. The dialogue format makes it possible for ChatGPT to answer followup questions, admit its mistakes, challenge incorrect premises, and reject inappropriate requests.”
OpenAI ChatGPT release announcement
ChatGPT is a chatbot developed by OpenAI and built on top of their GPT (Generative Pre-trained Transformer) 3.5 large language model.
Large language models (LLM) are trained on massive amounts of data to predict the next word in a sentence. GPT 3. Continue reading
The complexity of enterprise networks is increasing with the widespread adoption of networks spanning on-premises data centers and cloud. To meet the challenge of this complexity, automation technology specifically designed for a NetOps approach for Hybrid Cloud environments has been jointly developed by Red Hat and F5. Its focus on security, scale, and speed are all goals inherent in a NetOps strategy that allow teams to thrive in the increasingly complex world of enterprise networking.
Network teams also need to work well with groups across the IT stack while also taking advantage of the benefits of infrastructure as code. When everyone speaks the same language and uses the same revision control tools to deploy and update their infrastructure, IT infrastructure is more reliable, secure, downtime is reduced, and organizations save money.
F5 and the Red Hat Ansible Automation Platform deliver the features and functionality needed for a NetOps team - with a powerful automation platform designed for simplicity and inter-team cooperation. You will learn how F5 and Red Hat assist network teams transitioning to a NetOps workflow, while reducing risk and increasing productivity. From on-prem to the cloud, F5 and Red Hat can Continue reading
AnsibleFest 2022 was our first in-person event in a few years, and it delivered some exciting news that will impact the growth and expansion of automation for our customers in the months to come. We had more than 450 organizations represented in person in Chicago. Our keynotes featured Red Hat, IBM Research, and Rockwell Automation. During the two days, we announced several new features and capabilities to make adopting automation more accessible. In addition, IDC analyst Jevin Jensen recently published his opinions and insights on AnsibleFest 2022 that we break down below.
What did we announce?
Each day of the event featured keynotes, one on the Current State of Automation and one on The Future of Automation. There was a lot of excitement over the many announcements, including:
Last year Ansible Automation Platform (AAP) 2 introduced major changes around the mechanics on how automation is run. The main focus was to enhance the foundational pieces of the platform while providing flexibility and simplicity for automators to automate at enterprise scale. One of those foundational pieces introduced was automation mesh.
Automation mesh provides a simple, flexible and reliable way to scale automation of large inventories across diverse network topologies, platforms and teams. It was important to evolve how the platform was developed, managed, and operated to meet business demands and needs for the large majority of customers.
Prior to AAP 2.3, the automation mesh was mostly a VM deployment base option and feature. I’ve tried to highlight the main differences between platform choices in this diagram:
We are now starting to level up the feature parity, and this brings remote mesh execution nodes to non-VM supported deployments. Before we look more at the new feature, let’s look at the options that were available before:
For VM based deployments, the automation mesh introduced horizontal scaling, the ability to scale your automation needs out, whether locally or globally. We did this by Continue reading
A simple example - No Shut, No Problem
Since the announcement of Event-Driven Ansible, I cannot stop thinking about potential use cases. Can I get events to automate scaling? Could I use a filesystem event to trigger filesystem integrity checks? Could I get a slackbot to trigger my choice of heavy metal playlist based on a “mood” event? It's all possible! But let’s not go too crazy, not yet.
I started having a look at the fantastic work that one of our engineers, Nilashish Chakraborty, has been doing around network telemetry and Ansible. This led me down the path to explore network events and what I could potentially do with something like Event-Driven Ansible. So let’s start with a super simple interface example.
Reaching out to the team at Arista, we started discussing and looking at the mechanisms they are using to get telemetry data. With Arista we are able to use gNMI. gNMI is an open source protocol specification created by the OpenConfig working group that is used to stream data to and from network devices. The OpenConfig working group operates as an open source project with contributions from network operators, equipment vendors in providing vendor-neutral Continue reading
Welcome to Technology Short Take #163, the first of 2023! If you’re new to this site, the Technology Short Takes are essentially “link lists”—I collect links and articles about various technologies and I share them about every 3-4 weeks (sometimes more frequently). I’ll often add a bit of commentary here and there, but the real focus is the information in the linked articles. But enough of this, let’s get on with it! Here’s hoping you find something useful here.
Off and on for a number of years, I published a “projects for the coming year” post and a “report card for last year’s projects” post (you can find links to all of these here). Typically, the project list was composed of new things I would learn and/or new things I would create or do. While there’s nothing wrong with this sort of thing—not at all!—I came across an idea while reading that I’ve decided I’ll adopt for 2023: a depth year.
The idea comes from this article, which I found while searching for some other information. Basically, a “depth year” is a year focused on going “deeper” (increasing your expertise in things you already know) instead of going “wider” (adding new things to what you know). Don’t take on new hobbies; instead, focus on getting better at the hobbies you already have. Don’t buy new books; instead, read the unread books that you keep meaning to get around to but never actually do. Don’t buy courses to learn something new; instead, finish the courses you already purchased.
I love this idea. Now, I know already that there is one small area where I’ll violate the rule Continue reading
If you're looking to brush up on the most popular Ansible information from 2022 (or just grasping at any excuse to break away from your relatives for a few minutes during the holidays), you've come to the right place. What follows are the top 10 blogs that have captured the most attention from Ansible.com readers in 2022.
One of the buzzworthy announcements at AnsibleFest 2022 was Event-Driven Ansible, released as Developer Preview by Red Hat. In this blog, Joe Pisciotta, Ansible Product Manager, describes Event-Driven Ansible's integration with 3rd-party event sources and support for establishing rules using "if-then" scenarios. Discover why Event-Driven Ansible makes remediating issues simple and removes the time-consuming customization usually required with "self-healing" approaches.
Several new features and enhancements were announced as part of Ansible Automation Platform 2.3, such as more flexibility and control over execution nodes in automation mesh, the launch of Ansible validated content to help you get started automating operational tasks, support for LDAP with RBAC, and much more. Sean Cavanaugh, Ansible Technical Marketing Manager, outlines the capabilities of these new Continue reading